Skip to main content
CVE-2022-29197 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29196 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29195 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29193 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29194 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29192 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-29191 MEDIUM POC PATCH This Month

TensorFlow is an open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-25224 MEDIUM POC This Month

Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Proton
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-25229 MEDIUM POC This Month

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)' field via the 'settings' page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Popcorn Time
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28985 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Orangehrm
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-29873 CRITICAL PATCH Act Now

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware +33
NVD
CVSS 4.0
9.3
EPSS
1.8%
CVE-2022-28987 MEDIUM POC This Month

Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zoho Information Disclosure Manageengine Adselfservice Plus
NVD GitHub
CVSS 3.1
5.3
EPSS
9.7%
CVE-2022-29427 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Disable Right Click For Wp
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-29184 HIGH PATCH This Week

GoCD is a continuous delivery server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Docker Gocd
NVD GitHub
CVSS 3.1
8.8
EPSS
3.6%
CVE-2022-29874 HIGH PATCH This Week

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-29872 HIGH PATCH This Week

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware +33
NVD
CVSS 4.0
8.7
EPSS
1.4%
CVE-2022-29170 HIGH PATCH This Week

Grafana is an open-source platform for monitoring and observability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Grafana
NVD GitHub
CVSS 3.1
8.5
EPSS
1.1%
CVE-2022-29159 MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Deck
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-24906 MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Deck
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2022-29179 HIGH PATCH This Week

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Kubernetes Cilium
NVD GitHub
CVSS 3.1
8.2
EPSS
0.4%
CVE-2022-29178 HIGH PATCH This Week

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cilium
NVD GitHub
CVSS 3.1
8.2
EPSS
0.3%
CVE-2022-22973 HIGH This Week

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

VMware Privilege Escalation Identity Manager Workspace One Access Cloud Foundation +1
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2022-29033 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-29032 HIGH PATCH This Week

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-27653 HIGH This Week

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-24287 HIGH PATCH This Week

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Simatic Pcs 7 Simatic Wincc Simatic Wincc Runtime Professional
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-29878 HIGH PATCH This Week

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29801 HIGH PATCH This Week

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Teamcenter
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-24290 HIGH PATCH This Week

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions <. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Stack Overflow Buffer Overflow Teamcenter
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-24044 HIGH This Week

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Desigo Dxr2 Firmware Desigo Pxc3 Firmware Desigo Pxc4 Firmware Desigo Pxc5 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-30551 HIGH PATCH This Week

OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Ua Java
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-29160 LOW POC PATCH Monitor

Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Google Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2022-29447 HIGH This Week

Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal WordPress Information Disclosure Hover Effects
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-29882 HIGH PATCH This Week

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2022-29876 HIGH PATCH This Week

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2022-28964 HIGH This Week

An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Premium Security
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-29883 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 4.0
6.9
EPSS
1.0%
CVE-2022-29881 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 4.0
6.9
EPSS
1.0%
CVE-2022-31258 MEDIUM This Month

In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkmk
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2022-29880 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM T (All versions < V3.0). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-29877 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass 7Kg8500 0Aa00 0Aa0 Firmware 7Kg8500 0Aa00 2Aa0 Firmware 7Kg8500 0Aa10 0Aa0 Firmware 7Kg8500 0Aa10 2Aa0 Firmware +32
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-27640 MEDIUM PATCH This Month

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP 443-1 RNA (All versions < V1.5.18). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Simatic Cp 442 1 Rna Firmware Simatic Cp 443 1 Rna Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-24045 MEDIUM This Month

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Desigo Dxr2 Firmware Desigo Pxc3 Firmware Desigo Pxc4 Firmware Desigo Pxc5 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-28965 MEDIUM PATCH This Month

Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service RCE Premium Security
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-29430 MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF WordPress Png To Jpg
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-29425 MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Checkout Files Upload For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-29183 MEDIUM PATCH This Month

GoCD is a continuous delivery server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Gocd
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-29177 MEDIUM PATCH This Month

Go Ethereum is the official Golang implementation of the Ethereum protocol. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Go Ethereum
NVD GitHub
CVSS 3.1
5.9
EPSS
0.9%
CVE-2022-22365 MEDIUM PATCH This Month

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-29031 MEDIUM PATCH This Month

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
5.5
EPSS
0.5%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy